Vietnamese Hackers | Breaking Cybersecurity News | The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday  added  a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities ( KEV ) Catalog, citing evidence of active exploitation. The vulnerability, tracked as  CVE-2021-35587 , carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. Successful exploitation of the remote command execution bug could enable an unauthenticated attacker with network access to completely compromise and take over Access Manager instances. "It may give the attacker access to OAM server, to create any user with any privileges, or just get code execution in the victim's server," Vietnamese security researcher Nguyen Jang ( Janggggg ), who reported the bug alongside  peterjson ,  noted  earlier this March. The issue was addressed by Oracle as part of its  Critical Patch Update  in January 2022. Additional details regarding the natu

Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's  Terms  and  Advertising Policies .  "In the first case, the defendants are a California marketing company and its agents responsible for a  bait-and-switch  advertising scheme on Facebook," the social media giant's Director of Platform Enforcement and Litigation, Jessica Romero,  said . "In the second case, the defendants are a group of individuals located in Vietnam who got users to self-compromise their Facebook accounts and ran millions of dollars of unauthorized ads." As part of the fraudulent activity, the marketing company, N&J USA Incorporated, promoted the sale of merchandise such as clothing, watches, and toys through misleading ads that, when clicked, redirected users to other e-commerce websites to complete the purchase, only to either receive nothing or get deliver

When it comes to ensuring the security of your APIs, there are four critical capabilities.

Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware. Tracked as  APT32  (or Bismuth, OceanLotus, and Cobalt Kitty), the state-aligned operatives affiliated with the Vietnam government have been known for orchestrating sophisticated  espionage campaigns  at least since 2012 with the goal of furthering the country's strategic interests. "Our investigation linked this activity to CyberOne Group, an IT company in Vietnam (also known as CyberOne Security, CyberOne Technologies, Hành Tinh Company Limited, Planet and Diacauso)," Facebook's Head of Security Policy, Nathaniel Gleicher, and Cyber Threat Intelligence Manager, Mike Dvilyanski,  said . Exact evidence trail leading Facebook to attribute the hacking activity to CyberOne Group was not disclosed, but according to a descripti